Question

Are there any Linux programs that can disassemble an OSX universal x86/x86_64 fat Mach-O binary like objdump? GNU binutils' objdump supports ELF and Windows PE files but not Mach-O.


Solution

AFAIK, the native Darwin binary tools are part of the cctools package. They don't have the same command line syntax or output as the GNU binutils. Later binutils (i.e., 2.22) supports the Mach-O format however. You can get these prebuilt, with the 'g' prefix to the tool names, as mentioned here. Alternatively, you can compile binutils, with something like:

> ./configure --prefix=$CROSSTOOLDIR --target=x86_64-apple-darwin \
--enable-64-bit-bfd --disable-nls --disable-werror

Installation will yield a bin/ directory where the utilities are prefixed with x86_64-apple-darwin. It should handle i386 Mach-O format (and FAT binaries) fine.
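What "handling FAT binaries" involves, as an added example that is not part of the original answer: a Python script that parses the fat header of a universal binary, lists its slices, and extracts one so it can be passed to a disassembler that only reads thin Mach-O. The function names and the sample image are constructed for illustration; the field layout assumed is the one in Apple's `<mach-o/fat.h>`.

```python
import struct

FAT_MAGIC = 0xCAFEBABE        # fat_header fields are big-endian on disk
ABI64 = 0x01000000            # CPU_ARCH_ABI64 flag in cputype
CPU_NAMES = {7: "i386", 7 | ABI64: "x86_64", 12: "arm", 12 | ABI64: "arm64"}
# First four bytes of a thin Mach-O slice, read big-endian.
THIN_MAGICS = {0xFEEDFACE: "32-bit BE", 0xCEFAEDFE: "32-bit LE",
               0xFEEDFACF: "64-bit BE", 0xCFFAEDFE: "64-bit LE"}

def list_slices(data):
    """Return [(arch, offset, size, kind)] for each slice of a fat image."""
    if len(data) < 8:
        raise ValueError("too short for a fat_header")
    magic, nfat = struct.unpack_from(">II", data, 0)
    if magic != FAT_MAGIC:
        raise ValueError("not a fat Mach-O, magic=%#010x" % magic)
    # Java .class files share this magic, so the count and every slice
    # are bounds-checked before use.
    if nfat == 0 or 8 + 20 * nfat > len(data):
        raise ValueError("implausible nfat_arch=%d" % nfat)
    slices = []
    for i in range(nfat):
        # fat_arch: cputype, cpusubtype, offset, size, align (20 bytes)
        cpu, _sub, off, size, _align = struct.unpack_from(">5I", data, 8 + 20 * i)
        if size < 4 or off + size > len(data):
            raise ValueError("slice %d lies outside the file" % i)
        (inner,) = struct.unpack_from(">I", data, off)
        slices.append((CPU_NAMES.get(cpu, "cputype %#x" % cpu), off, size,
                       THIN_MAGICS.get(inner, "not Mach-O")))
    return slices

def extract(data, arch):
    """Return the bytes of one slice, usable as a thin Mach-O file."""
    for name, off, size, _kind in list_slices(data):
        if name == arch:
            return data[off:off + size]
    raise KeyError(arch)

def build_sample():
    """Constructed two-slice image: header stubs only, no real code."""
    s32 = struct.pack("<I", 0xFEEDFACE) + b"\0" * 24
    s64 = struct.pack("<I", 0xFEEDFACF) + b"\0" * 28
    hdr = struct.pack(">II", FAT_MAGIC, 2)
    hdr += struct.pack(">5I", 7, 3, 4096, len(s32), 12)
    hdr += struct.pack(">5I", 7 | ABI64, 3, 8192, len(s64), 12)
    return (hdr.ljust(4096, b"\0") + s32).ljust(8192, b"\0") + s64

if __name__ == "__main__":
    for row in list_slices(build_sample()):
        print("%-8s offset=%-6d size=%-4d %s" % row)
```

On a real file, read it with `open(path, "rb").read()` and write the result of `extract()` to disk before pointing a thin-only tool at it.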

OTHER TIPS

With regards to Jeff's response:

binutils does not include linking support (ld/gld) for Mach-O, not even in the current 2.23 release, which is really disappointing but not surprising. That unfortunately is what happens when you make an OS and reinvent things "that really don't need to be reinvented." Everyone has different priorities. I still haven't heard the end of a.out vs ELF from some people.

Care to try to run ELF binaries on OSX? https://stackoverflow.com/a/2613170/1867574

You can disassemble Mach-O binaries on Linux with Hopper. Unlike objdump, it has a very nice graphical user interface.

I think you need otool. It is included in the Mac OSX command tools. For example, if you want to disassemble a.out, all you need to do is type otool -tv a.out in your command line.

A few famous tools for reverse engineering Mach-O binaries are otool, strings, nm, otx, etc. This definitely works on Mac OSX; I think it works on the Linux platform too.

Licensed under: CC-BY-SA with attribution